Fix 'Referer checking failed - Referer is insecure while host is secure'

2022-07-02 11:07:59 +00:00 · 2022-07-02 11:07:59 +00:00 · 10eb0b1a75
parent 8cf98afe0b
commit 10eb0b1a75
3 changed files with 18 additions and 12 deletions
--- a/.env.dev
+++ b/.env.dev
@ -1,4 +1,4 @@
-DJANGO_ALLOWED_HOSTS=.funkwhale.test,localhost,nginx,0.0.0.0,127.0.0.1
+DJANGO_ALLOWED_HOSTS=.funkwhale.test,localhost,nginx,0.0.0.0,127.0.0.1,.gitpod.io
 DJANGO_SETTINGS_MODULE=config.settings.local
 DJANGO_SECRET_KEY=dev
 C_FORCE_ROOT=true
--- a/.gitpod.yml
+++ b/.gitpod.yml
@ -12,8 +12,6 @@ tasks:
      echo "# Gitpod Environment Variables" > .env
      echo "MEDIA_URL=http://localhost:8000/media/" >> .env
      echo "STATIC_URL=http://localhost:8000/staticfiles/" >> .env
-      echo "FUNKWHALE_HOSTNAME=`gp url 8000 | sed 's#https://##'`" >> .env
-      echo "FUNKWHALE_PROTOCOL=https" >> .env
      echo "GITPOD_WORKSPACE_URL=$GITPOD_WORKSPACE_URL" >> .env
      echo "HMR_PORT=8000" >> .env
      echo "VUE_APP_INSTANCE_URL=$VUE_APP_INSTANCE_URL" >> .env
@ -33,18 +31,27 @@ tasks:
      # Compile frontend locales
      docker-compose run --rm front yarn run i18n-compile

-      # Login with cURL to create actors
+      # Start API to let script create an actor
      docker-compose up -d nginx
      gp ports await 8000

-      # Import music
+      # Clone music repo
      git clone https://dev.funkwhale.audio/funkwhale/catalog.git
      sudo mv catalog/music data
      sudo chown -R root:root data/music
      rm -rf catalog
+
+      # Login with cURL to create actor
      python .gitpod/init_actor.py
+
+      # Import music
+      docker-compose down
+      echo "FUNKWHALE_HOSTNAME=`gp url 8000 | sed 's#https://##'`" >> .env
+      echo "FUNKWHALE_PROTOCOL=https" >> .env
      LIBRARY_ID=`cat .gitpod/create_library.py | docker-compose run --rm -T api python manage.py shell -i python`
      docker-compose run --rm api python manage.py import_files $LIBRARY_ID "/music/" --recursive --noinput --in-place
+
+      # Stop docker
      docker-compose stop
    command: |
      docker-compose up -d nginx
--- a/.gitpod/init_actor.py
+++ b/.gitpod/init_actor.py
@ -9,12 +9,11 @@ token = res.cookies['csrftoken']

 res = req.post('http://localhost:8000/api/v1/users/login', data={
    'username': 'gitpod',
-    'password': 'gitpod'
-}, headers={
-    'Referer': 'http://localhost:8000/login',
-    'X-CSRFTOKEN': token
+    'password': 'gitpod',
+    'csrfmiddlewaretoken': token,
+    'next': '/api/v1/libraries/?scope=me'
 })
-print(res.status_code)
+print(res.status_code, res.content)

-res = req.get('http://localhost:8000/api/v1/libraries/?scope=me')
-print(res.status_code)
+if res.status_code == 401:
+    exit(1)